https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66790#M19395 <P>Hi Sandeep,</P> <P>This isn't a direct answer to your question, however Decipher 2.2 is targeted to support AD integration via SAML authentication. This may help resolve your challenge here.</P> <P>This is targeted to be released in Q1 2023 and is currently in our pre-release test phase.</P> <P>Regards</P><BR /><BR />------------------------------<BR />Ben Lyons<BR />Senior Product Specialist - Decipher<BR />Blue Prism<BR />UK based<BR />------------------------------<BR /> Mon, 20 Mar 2023 08:23:00 GMT Ben.Lyons1 2023-03-20T08:23:00Z https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66789#M19394 <P>Hello ,</P> <P>I am looking to set up additional authentication in IIS layer for decipher web client as below.<P></P></P> <OL style="margin-top: 0in;" start="1" type="1"> <LI class="MsoListParagraph" style="margin-left: 0in; mso-list: l0 level1 lfo1;"><SPAN style="mso-fareast-font-family: 'Times New Roman';">Restrict access to only certain AD group.&nbsp;<P></P></SPAN></LI> <LI class="MsoListParagraph" style="margin-left: 0in; mso-list: l0 level1 lfo1;"><SPAN style="mso-fareast-font-family: 'Times New Roman';">Request users to enter their AD username &amp; password before Decipher web client login page loads.<P></P></SPAN></LI> </OL> <P><SPAN style="mso-fareast-font-family: 'Times New Roman';">Is there a documentation around it from Blueprism ? Or has anyone implemented this and faced any challenges.</SPAN></P><BR /><BR />------------------------------<BR />Sandeep Satish<BR />Asia/Kolkata<BR />------------------------------<BR /> Thu, 16 Mar 2023 22:02:00 GMT https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66789#M19394 SandeepSatish 2023-03-16T22:02:00Z https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66790#M19395 <P>Hi Sandeep,</P> <P>This isn't a direct answer to your question, however Decipher 2.2 is targeted to support AD integration via SAML authentication. This may help resolve your challenge here.</P> <P>This is targeted to be released in Q1 2023 and is currently in our pre-release test phase.</P> <P>Regards</P><BR /><BR />------------------------------<BR />Ben Lyons<BR />Senior Product Specialist - Decipher<BR />Blue Prism<BR />UK based<BR />------------------------------<BR /> Mon, 20 Mar 2023 08:23:00 GMT https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66790#M19395 Ben.Lyons1 2023-03-20T08:23:00Z https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66791#M19396 <DIV class="uconBody"><DIV dir="ltr"> <DIV></DIV> <DIV> <DIV>Hi Ben,</DIV> <DIV dir="ltr">I want to explore this in parallel to tighten the security, and later upgrade to 2.2 . I am hoping this would work for us in the interim .</DIV> <DIV> <DIV><BR /> </DIV> Get <A href="https://aka.ms/o0ukef">Outlook for iOS</A></DIV> </DIV> </DIV></DIV><BR /><BR /> Mon, 20 Mar 2023 08:57:00 GMT https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66791#M19396 SandeepSatish 2023-03-20T08:57:00Z https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66792#M19397 <P>Hi, Satish,<BR /><BR />It is possible to set a list of users in IIS, who can access the Decipher's Web-page in general. So if somebody shares their credentials, but person is not "whitelisted" in IIS, person can't reach login page and that's good.<BR /><BR />We managed to get this layer of security by enabling Windows Authentication in IIS for Decipher, and by creating a rule who can access it. The biggest inconvenience is that users have to be listed in one line, and AD group not possible to add (at least we haven't found a way yet).<BR /><BR /><BR /></P><BR /><BR />------------------------------<BR />Lukas Ramasauskas<BR />RPA Software Engineer / Robotic Solutions Architect<BR />Swedbank AB<BR />Europe/Vilnius<BR />------------------------------<BR /> Fri, 12 May 2023 07:00:00 GMT https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66792#M19397 LukasRamasauskas 2023-05-12T07:00:00Z https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66793#M19398 <P>Hi Lucas ,<BR />Thanks for your response. I did find a way to set this up.<BR /><BR />1. Enable windows authentication with "Negotiate"<BR />2. Enable URL authentication and add AD group as part of Allow group. Only the users who are part of the AD group are allowed to reach the login page.<BR /><BR />This seems to be working.&nbsp;</P><BR /><BR />------------------------------<BR />Sandeep Satish<BR />Asia/Kolkata<BR />------------------------------<BR /> Fri, 12 May 2023 07:06:00 GMT https://community.blueprism.com/t5/Product-Forum/Authentication-Method-on-IIS/m-p/66793#M19398 SandeepSatish 2023-05-12T07:06:00Z